<?php
/*
    GUMUD is Extensible Web-based Multi-User Dungeon Software.

    Copyright (C) 2013  White Rabbit

    This program is free software: you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation, either version 3 of the License, or
    (at your option) any later version.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with this program.  If not, see <http://www.gnu.org/licenses/>.
*/
if(!preg_match("/(\w)+/",$_POST['first'])) {$_SESSION['error'] = "Your avatar's first name has been given with unallowed characters, please check it and try again."; header("location: index.php"); die(); exit(); }
if(!preg_match("/(\w)+/",$_POST['last'])) {$_SESSION['error'] = "Your avatar's last name has been given with unallowed characters, please check it and try again."; header("location: index.php"); die(); exit(); }
if($_POST['token'] != $token) {$_SESSION['error'] = "There was a problem signing in securely; please retry to login."; header("location: index.php"); die(); exit(); }
$itx['com-user'][1] = file_get_contents("http://".gridURL."/index.php?scripthandshakeID=".scripthandshakeID."&request=getuser&firstname=".$_POST['first']."&lastname=".$_POST['last']);
$itx['com-user'][2] = file_get_contents("http://".gridURL."/index.php?scripthandshakeID=".scripthandshakeID."&request=validateuser&uuid=".$itx['com-user'][1]."&passhash=".md5($_POST['pass']."~".publicsecret));
$itx['com-user'][2] = file_get_contents("http://".gridURL."/index.php?scripthandshakeID=".scripthandshakeID."&request=validateuser&uuid=".$itx['com-user'][1]."&passhash=".md5($_POST['pass']."~".publicsecret));
if ($itx['com-user'][2] == "validated") {
	$_SESSION['sysmessage'] = "You have signed in successfully!";
	setcookie ( "first" , $_POST['first'], unixtime + 24600 , "/" , cookiedomain);
	setcookie ( "last" , $_POST['last'], unixtime + 24600 , "/" , cookiedomain);
	setcookie ( "pass" , md5($_POST['pass']."~".publicsecret), unixtime + 24600 , "/" , cookiedomain);
	header("location: index.php?com=user&action=account"); die(); exit();
}
else {
	$_SESSION['error'] = "There was a problem with authenticating your avatar. Please check your credentials and try again."; header("location: index.php"); die(); exit();
}
?>
